feat: 接入 weixin 服务层与命令入口

Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-openagent) Co-authored-by: Sisyphus <clio-agent@sisyphuslabs.ai>
2026-06-22 16:25:51 +00:00 · 2026-04-19 14:34:33 +08:00
parent f9d011164a
commit c0f7735110
21 changed files with 2112 additions and 27 deletions
--- a/bun.lock
+++ b/bun.lock
@@ -17,20 +17,20 @@
        "@ant/computer-use-swift": "workspace:*",
        "@ant/model-provider": "workspace:*",
        "@anthropic-ai/bedrock-sdk": "^0.26.4",
-        "@anthropic-ai/claude-agent-sdk": "^0.2.87",
+        "@anthropic-ai/claude-agent-sdk": "^0.2.114",
        "@anthropic-ai/foundry-sdk": "^0.2.3",
        "@anthropic-ai/mcpb": "^2.1.2",
        "@anthropic-ai/sandbox-runtime": "^0.0.44",
        "@anthropic-ai/sdk": "^0.80.0",
        "@anthropic-ai/vertex-sdk": "^0.14.4",
        "@anthropic/ink": "workspace:*",
-        "@aws-sdk/client-bedrock": "^3.1020.0",
+        "@aws-sdk/client-bedrock": "^3.1032.0",
-        "@aws-sdk/client-bedrock-runtime": "^3.1020.0",
+        "@aws-sdk/client-bedrock-runtime": "^3.1032.0",
-        "@aws-sdk/client-sts": "^3.1020.0",
+        "@aws-sdk/client-sts": "^3.1032.0",
-        "@aws-sdk/credential-provider-node": "^3.972.28",
+        "@aws-sdk/credential-provider-node": "^3.972.32",
-        "@aws-sdk/credential-providers": "^3.1020.0",
+        "@aws-sdk/credential-providers": "^3.1032.0",
        "@azure/identity": "^4.13.1",
-        "@biomejs/biome": "^2.4.10",
+        "@biomejs/biome": "^2.4.12",
        "@claude-code-best/agent-tools": "workspace:*",
        "@claude-code-best/builtin-tools": "workspace:*",
        "@claude-code-best/mcp-client": "workspace:*",
@@ -41,7 +41,7 @@
        "@modelcontextprotocol/sdk": "^1.29.0",
        "@opentelemetry/api": "^1.9.1",
        "@opentelemetry/api-logs": "^0.214.0",
-        "@opentelemetry/core": "^2.6.1",
+        "@opentelemetry/core": "^2.7.0",
        "@opentelemetry/exporter-logs-otlp-grpc": "^0.214.0",
        "@opentelemetry/exporter-logs-otlp-http": "^0.214.0",
        "@opentelemetry/exporter-logs-otlp-proto": "^0.214.0",
@@ -52,14 +52,14 @@
        "@opentelemetry/exporter-trace-otlp-grpc": "^0.214.0",
        "@opentelemetry/exporter-trace-otlp-http": "^0.214.0",
        "@opentelemetry/exporter-trace-otlp-proto": "^0.214.0",
-        "@opentelemetry/resources": "^2.6.1",
+        "@opentelemetry/resources": "^2.7.0",
        "@opentelemetry/sdk-logs": "^0.214.0",
-        "@opentelemetry/sdk-metrics": "^2.6.1",
+        "@opentelemetry/sdk-metrics": "^2.7.0",
-        "@opentelemetry/sdk-trace-base": "^2.6.1",
+        "@opentelemetry/sdk-trace-base": "^2.7.0",
        "@opentelemetry/semantic-conventions": "^1.40.0",
-        "@sentry/node": "^10.47.0",
+        "@sentry/node": "^10.49.0",
-        "@smithy/core": "^3.23.13",
+        "@smithy/core": "^3.23.15",
-        "@smithy/node-http-handler": "^4.5.1",
+        "@smithy/node-http-handler": "^4.5.3",
        "@types/bun": "^1.3.12",
        "@types/cacache": "^20.0.1",
        "@types/he": "^1.2.3",
@@ -81,7 +81,7 @@
        "asciichart": "^1.5.25",
        "audio-capture-napi": "workspace:*",
        "auto-bind": "^5.0.1",
-        "axios": "^1.14.0",
+        "axios": "^1.15.0",
        "bidi-js": "^1.0.3",
        "cacache": "^20.0.4",
        "chalk": "^5.6.2",
@@ -96,7 +96,7 @@
        "execa": "^9.6.1",
        "fflate": "^0.8.2",
        "figures": "^6.1.0",
-        "fuse.js": "^7.1.0",
+        "fuse.js": "^7.3.0",
        "get-east-asian-width": "^1.5.0",
        "google-auth-library": "^10.6.2",
        "he": "^1.2.0",
@@ -106,21 +106,22 @@
        "image-processor-napi": "workspace:*",
        "indent-string": "^5.0.0",
        "jsonc-parser": "^3.3.1",
-        "knip": "^6.1.1",
+        "knip": "^6.4.1",
-        "lodash-es": "^4.17.23",
+        "lodash-es": "^4.18.1",
-        "lru-cache": "^11.2.7",
+        "lru-cache": "^11.3.5",
-        "marked": "^17.0.5",
+        "marked": "^17.0.6",
        "modifiers-napi": "workspace:*",
-        "openai": "^6.33.0",
+        "openai": "^6.34.0",
        "p-map": "^7.0.4",
        "picomatch": "^4.0.4",
        "plist": "^3.1.0",
        "proper-lockfile": "^4.1.2",
        "qrcode": "^1.5.4",
-        "react": "^19.2.4",
+        "qrcode-terminal": "^0.12.0",
        "react": "^19.2.5",
        "react-compiler-runtime": "^1.0.0",
        "react-reconciler": "^0.33.0",
-        "rollup": "^4.60.1",
+        "rollup": "^4.60.2",
        "semver": "^7.7.4",
        "sharp": "^0.34.5",
        "shell-quote": "^1.8.3",
@@ -129,10 +130,10 @@
        "strip-ansi": "^7.2.0",
        "supports-hyperlinks": "^4.4.0",
        "tree-kill": "^1.2.2",
-        "turndown": "^7.2.2",
+        "turndown": "^7.2.4",
-        "type-fest": "^5.5.0",
+        "type-fest": "^5.6.0",
-        "typescript": "^6.0.2",
+        "typescript": "^6.0.3",
-        "undici": "^7.24.6",
+        "undici": "^7.25.0",
        "url-handler-napi": "workspace:*",
        "usehooks-ts": "^3.1.1",
        "vite": "^8.0.8",
@@ -2476,6 +2477,8 @@
    "qrcode": ["qrcode@1.5.4", "https://registry.npmmirror.com/qrcode/-/qrcode-1.5.4.tgz", { "dependencies": { "dijkstrajs": "^1.0.1", "pngjs": "^5.0.0", "yargs": "^15.3.1" }, "bin": { "qrcode": "bin/qrcode" } }, "sha512-1ca71Zgiu6ORjHqFBDpnSMTR2ReToX4l1Au1VFLyVeBTFavzQnv5JxMFr3ukHVKpSrSA2MCk0lNJSykjUfz7Zg=="],
    "qrcode-terminal": ["qrcode-terminal@0.12.0", "", { "bin": { "qrcode-terminal": "./bin/qrcode-terminal.js" } }, "sha512-EXtzRZmC+YGmGlDFbXKxQiMZNwCLEO6BANKXG4iCtSIM0yqc/pappSx3RIKr4r0uh5JsBckOXeKrB3Iz7mdQpQ=="],
    "qs": ["qs@6.15.1", "https://registry.npmmirror.com/qs/-/qs-6.15.1.tgz", { "dependencies": { "side-channel": "^1.1.0" } }, "sha512-6YHEFRL9mfgcAvql/XhwTvf5jKcOiiupt2FiJxHkiX1z4j7WL8J/jRHYLluORvc1XxB5rV20KoeK00gVJamspg=="],
    "queue-microtask": ["queue-microtask@1.2.3", "https://registry.npmmirror.com/queue-microtask/-/queue-microtask-1.2.3.tgz", {}, "sha512-NuaNSa6flKT5JaSYQzJok04JzTL1CA6aGhv5rfLW3PgqA+M2ChpZQnAC8h8i4ZFkBS8X5RqkDBHA7r4hej3K9A=="],
--- a/package.json
+++ b/package.json
@@ -173,6 +173,7 @@
    "plist": "^3.1.0",
    "proper-lockfile": "^4.1.2",
    "qrcode": "^1.5.4",
    "qrcode-terminal": "^0.12.0",
    "react": "^19.2.5",
    "react-compiler-runtime": "^1.0.0",
    "react-reconciler": "^0.33.0",
--- a/src/entrypoints/cli.tsx
+++ b/src/entrypoints/cli.tsx
@@ -140,6 +140,13 @@ async function main(): Promise<void> {
    return
  }
  if (args[0] === 'weixin') {
    profileCheckpoint('cli_weixin_path')
    const { handleWeixinCli } = await import('../services/weixin/cli.js')
    await handleWeixinCli(args.slice(1))
    return
  }
  // Fast-path for `--daemon-worker=<kind>` (internal — supervisor spawns this).
  // Must come before the daemon subcommand check: spawned per-worker, so
  // perf-sensitive. No enableConfigs(), no analytics sinks at this layer —
--- a/src/services/weixin/tests/accounts.test.ts
+++ b/src/services/weixin/tests/accounts.test.ts
@@ -0,0 +1,54 @@
 import { afterEach, describe, expect, test } from 'bun:test'
 import { mkdtempSync, rmSync, statSync } from 'node:fs'
 import { tmpdir } from 'node:os'
 import { join } from 'node:path'
 const testDir = mkdtempSync(join(tmpdir(), 'weixin-test-accounts-'))
 process.env.WEIXIN_STATE_DIR = testDir
 import { clearAccount, loadAccount, saveAccount } from '../accounts.js'
 afterEach(() => {
  rmSync(testDir, { recursive: true, force: true })
 })
 describe('account storage', () => {
  test('loadAccount returns null when no account exists', () => {
    expect(loadAccount()).toBeNull()
  })
  test('saveAccount and loadAccount round-trip', () => {
    const data = {
      token: 'test-token',
      baseUrl: 'https://example.com',
      userId: 'user1',
      savedAt: '2025-01-01T00:00:00.000Z',
    }
    saveAccount(data)
    expect(loadAccount()).toEqual(data)
  })
  test('saveAccount sets file permissions to 0600', () => {
    saveAccount({
      token: 'test',
      baseUrl: 'https://example.com',
      savedAt: new Date().toISOString(),
    })
    const stats = statSync(join(testDir, 'account.json'))
    if (process.platform === 'win32') {
      expect(stats.isFile()).toBe(true)
      return
    }
    expect(stats.mode & 0o777).toBe(0o600)
  })
  test('clearAccount removes the file', () => {
    saveAccount({
      token: 'test',
      baseUrl: 'https://example.com',
      savedAt: new Date().toISOString(),
    })
    clearAccount()
    expect(loadAccount()).toBeNull()
  })
 })
--- a/src/services/weixin/tests/media.test.ts
+++ b/src/services/weixin/tests/media.test.ts
@@ -0,0 +1,90 @@
 import { describe, expect, test } from 'bun:test'
 import { randomBytes } from 'node:crypto'
 import {
  aesEcbPaddedSize,
  buildCdnDownloadUrl,
  buildCdnUploadUrl,
  decryptAesEcb,
  encryptAesEcb,
  guessMediaType,
  parseAesKey,
 } from '../media.js'
 import { UploadMediaType } from '../types.js'
 describe('AES-128-ECB', () => {
  test('encrypt then decrypt returns original data', () => {
    const key = randomBytes(16)
    const plaintext = Buffer.from('hello world test data!!')
    const ciphertext = encryptAesEcb(plaintext, key)
    expect(decryptAesEcb(ciphertext, key)).toEqual(plaintext)
  })
  test('different keys produce different ciphertext', () => {
    const plaintext = Buffer.from('test data')
    expect(
      encryptAesEcb(plaintext, randomBytes(16)),
    ).not.toEqual(encryptAesEcb(plaintext, randomBytes(16)))
  })
 })
 describe('aesEcbPaddedSize', () => {
  test('pads to next 16-byte boundary', () => {
    expect(aesEcbPaddedSize(1)).toBe(16)
    expect(aesEcbPaddedSize(16)).toBe(32)
    expect(aesEcbPaddedSize(17)).toBe(32)
    expect(aesEcbPaddedSize(32)).toBe(48)
  })
 })
 describe('parseAesKey', () => {
  test('parses 16 raw bytes from base64', () => {
    const raw = randomBytes(16)
    expect(parseAesKey(raw.toString('base64'))).toEqual(raw)
  })
  test('parses hex-encoded key from base64', () => {
    const raw = randomBytes(16)
    const b64 = Buffer.from(raw.toString('hex'), 'ascii').toString('base64')
    expect(parseAesKey(b64)).toEqual(raw)
  })
  test('throws on invalid key length', () => {
    expect(() => parseAesKey(Buffer.from('short').toString('base64'))).toThrow(
      'Invalid aes_key',
    )
  })
 })
 describe('CDN URL builders', () => {
  test('buildCdnDownloadUrl encodes param', () => {
    expect(buildCdnDownloadUrl('abc=123', 'https://cdn.example.com')).toBe(
      'https://cdn.example.com/download?encrypted_query_param=abc%3D123',
    )
  })
  test('buildCdnUploadUrl encodes params', () => {
    expect(
      buildCdnUploadUrl('https://cdn.example.com', 'param1', 'key1'),
    ).toBe(
      'https://cdn.example.com/upload?encrypted_query_param=param1&filekey=key1',
    )
  })
 })
 describe('guessMediaType', () => {
  test('detects image extensions', () => {
    expect(guessMediaType('photo.jpg')).toBe(UploadMediaType.IMAGE)
    expect(guessMediaType('photo.png')).toBe(UploadMediaType.IMAGE)
    expect(guessMediaType('photo.webp')).toBe(UploadMediaType.IMAGE)
  })
  test('detects video extensions', () => {
    expect(guessMediaType('video.mp4')).toBe(UploadMediaType.VIDEO)
    expect(guessMediaType('video.mov')).toBe(UploadMediaType.VIDEO)
  })
  test('defaults to FILE for unknown extensions', () => {
    expect(guessMediaType('doc.pdf')).toBe(UploadMediaType.FILE)
    expect(guessMediaType('archive.zip')).toBe(UploadMediaType.FILE)
  })
 })
--- a/src/services/weixin/tests/monitor.test.ts
+++ b/src/services/weixin/tests/monitor.test.ts
@@ -0,0 +1,22 @@
 import { describe, expect, test } from 'bun:test'
 import { extractPermissionReply } from '../monitor.js'
 describe('extractPermissionReply', () => {
  test('parses allow replies', () => {
    expect(extractPermissionReply('yes abcde')).toEqual({
      requestId: 'abcde',
      behavior: 'allow',
    })
  })
  test('parses deny replies', () => {
    expect(extractPermissionReply('No abcde')).toEqual({
      requestId: 'abcde',
      behavior: 'deny',
    })
  })
  test('ignores unrelated text', () => {
    expect(extractPermissionReply('yes please do it')).toBeNull()
  })
 })
--- a/src/services/weixin/tests/pairing.test.ts
+++ b/src/services/weixin/tests/pairing.test.ts
@@ -0,0 +1,78 @@
 import { afterEach, describe, expect, test } from 'bun:test'
 import { mkdtempSync, rmSync } from 'node:fs'
 import { tmpdir } from 'node:os'
 import { join } from 'node:path'
 const testDir = mkdtempSync(join(tmpdir(), 'weixin-test-pairing-'))
 process.env.WEIXIN_STATE_DIR = testDir
 import {
  addPendingPairing,
  confirmPairing,
  isAllowed,
  loadAccessConfig,
  saveAccessConfig,
 } from '../pairing.js'
 afterEach(() => {
  rmSync(testDir, { recursive: true, force: true })
 })
 describe('loadAccessConfig', () => {
  test('returns default config when no file exists', () => {
    const config = loadAccessConfig()
    expect(config.policy).toBe('pairing')
    expect(config.allowFrom).toEqual([])
  })
  test('round-trips saved config', () => {
    saveAccessConfig({ policy: 'allowlist', allowFrom: ['user1'] })
    const config = loadAccessConfig()
    expect(config.policy).toBe('allowlist')
    expect(config.allowFrom).toEqual(['user1'])
  })
 })
 describe('isAllowed', () => {
  test('returns false for unknown user under pairing policy', () => {
    expect(isAllowed('unknown')).toBe(false)
  })
  test('returns true for allowed user', () => {
    saveAccessConfig({ policy: 'pairing', allowFrom: ['user1'] })
    expect(isAllowed('user1')).toBe(true)
  })
  test('returns true for any user under disabled policy', () => {
    saveAccessConfig({ policy: 'disabled', allowFrom: [] })
    expect(isAllowed('anyone')).toBe(true)
  })
 })
 describe('pairing flow', () => {
  test('generates 6-digit code', () => {
    expect(addPendingPairing('user1')).toMatch(/^\d{6}$/)
  })
  test('returns same code for same user', () => {
    const code1 = addPendingPairing('user1')
    const code2 = addPendingPairing('user1')
    expect(code1).toBe(code2)
  })
  test('confirm adds user to allowlist', () => {
    const code = addPendingPairing('user1')
    expect(confirmPairing(code)).toBe('user1')
    expect(isAllowed('user1')).toBe(true)
  })
  test('confirm returns null for invalid code', () => {
    expect(confirmPairing('000000')).toBeNull()
  })
  test('code cannot be reused after confirmation', () => {
    const code = addPendingPairing('user1')
    confirmPairing(code)
    expect(confirmPairing(code)).toBeNull()
  })
 })
--- a/src/services/weixin/tests/permissions.test.ts
+++ b/src/services/weixin/tests/permissions.test.ts
@@ -0,0 +1,43 @@
 import { afterEach, describe, expect, test } from 'bun:test'
 import {
  clearPermissionStateForTests,
  consumePendingPermission,
  getActivePermissionChat,
  savePendingPermission,
  setActivePermissionChat,
 } from '../permissions.js'
 afterEach(() => {
  clearPermissionStateForTests()
 })
 describe('permission state', () => {
  test('tracks active permission chat', () => {
    setActivePermissionChat('user-1', 'ctx-1')
    expect(getActivePermissionChat()).toEqual({
      chatId: 'user-1',
      contextToken: 'ctx-1',
      updatedAt: expect.any(Number),
    })
  })
  test('consumes pending permission only for matching user', () => {
    savePendingPermission(
      {
        request_id: 'abcde',
        tool_name: 'Bash',
        description: 'Run a command',
        input_preview: '{"command":"pwd"}',
      },
      'user-1',
      'ctx-1',
    )
    expect(consumePendingPermission('abcde', 'user-2')).toBeNull()
    expect(consumePendingPermission('ABCDE', 'user-1')).toMatchObject({
      request_id: 'abcde',
      chatId: 'user-1',
    })
    expect(consumePendingPermission('abcde', 'user-1')).toBeNull()
  })
 })
--- a/src/services/weixin/tests/send.test.ts
+++ b/src/services/weixin/tests/send.test.ts
@@ -0,0 +1,32 @@
 import { describe, expect, test } from 'bun:test'
 import { markdownToPlainText } from '../send.js'
 describe('markdownToPlainText', () => {
  test('removes bold markers', () => {
    expect(markdownToPlainText('**bold**')).toBe('bold')
  })
  test('removes italic markers', () => {
    expect(markdownToPlainText('*italic*')).toBe('italic')
  })
  test('removes inline code backticks', () => {
    expect(markdownToPlainText('`code`')).toBe('code')
  })
  test('removes code block fences', () => {
    expect(markdownToPlainText("```js\nconsole.log('hi');\n```"))
      .toBe("console.log('hi');")
  })
  test('converts links to text with URL', () => {
    expect(markdownToPlainText('[click](https://example.com)')).toBe(
      'click (https://example.com)',
    )
  })
  test('handles mixed markdown', () => {
    expect(markdownToPlainText('# Hello\n\n**bold** and *italic* with `code`'))
      .toBe('Hello\n\nbold and italic with code')
  })
 })
--- a/src/services/weixin/accounts.ts
+++ b/src/services/weixin/accounts.ts
@@ -0,0 +1,57 @@
 import {
  chmodSync,
  existsSync,
  mkdirSync,
  readFileSync,
  unlinkSync,
  writeFileSync,
 } from 'node:fs'
 import { homedir } from 'node:os'
 import { join } from 'node:path'
 export const DEFAULT_BASE_URL = 'https://ilinkai.weixin.qq.com'
 export const CDN_BASE_URL = 'https://novac2c.cdn.weixin.qq.com/c2c'
 export interface AccountData {
  token: string
  baseUrl: string
  userId?: string
  savedAt: string
 }
 export function getStateDir(): string {
  const dir =
    process.env.WEIXIN_STATE_DIR ||
    join(homedir(), '.claude', 'channels', 'weixin')
  if (!existsSync(dir)) {
    mkdirSync(dir, { recursive: true })
  }
  return dir
 }
 function accountPath(): string {
  return join(getStateDir(), 'account.json')
 }
 export function loadAccount(): AccountData | null {
  const path = accountPath()
  if (!existsSync(path)) return null
  try {
    return JSON.parse(readFileSync(path, 'utf-8')) as AccountData
  } catch {
    return null
  }
 }
 export function saveAccount(data: AccountData): void {
  const path = accountPath()
  writeFileSync(path, JSON.stringify(data, null, 2), 'utf-8')
  chmodSync(path, 0o600)
 }
 export function clearAccount(): void {
  const path = accountPath()
  if (existsSync(path)) {
    unlinkSync(path)
  }
 }
--- a/src/services/weixin/api.ts
+++ b/src/services/weixin/api.ts
@@ -0,0 +1,148 @@
 import { randomBytes } from 'node:crypto'
 import type {
  BaseInfo,
  GetConfigResp,
  GetUpdatesReq,
  GetUpdatesResp,
  GetUploadUrlReq,
  GetUploadUrlResp,
  SendMessageReq,
  SendTypingReq,
  SendTypingResp,
 } from './types.js'
 const CHANNEL_VERSION = '0.1.0'
 function baseInfo(): BaseInfo {
  return { channel_version: CHANNEL_VERSION }
 }
 function randomUin(): string {
  return randomBytes(4).toString('base64')
 }
 function buildHeaders(token?: string): Record<string, string> {
  const headers: Record<string, string> = {
    'Content-Type': 'application/json',
    'X-WECHAT-UIN': randomUin(),
  }
  if (token) {
    headers.AuthorizationType = 'ilink_bot_token'
    headers.Authorization = `Bearer ${token}`
  }
  return headers
 }
 async function post<T>(
  baseUrl: string,
  path: string,
  body: unknown,
  token?: string,
  timeoutMs = 40_000,
  signal?: AbortSignal,
 ): Promise<T> {
  const controller = new AbortController()
  const timeout = setTimeout(() => controller.abort(), timeoutMs)
  if (signal) {
    signal.addEventListener('abort', () => controller.abort(), { once: true })
  }
  try {
    const response = await fetch(`${baseUrl}${path}`, {
      method: 'POST',
      headers: buildHeaders(token),
      body: JSON.stringify(body),
      signal: controller.signal,
    })
    if (!response.ok) {
      throw new Error(`HTTP ${response.status}: ${response.statusText}`)
    }
    return (await response.json()) as T
  } finally {
    clearTimeout(timeout)
  }
 }
 export async function getUpdates(
  baseUrl: string,
  token: string,
  getUpdatesBuf: string,
  signal?: AbortSignal,
 ): Promise<GetUpdatesResp> {
  const body: GetUpdatesReq = {
    get_updates_buf: getUpdatesBuf,
    base_info: baseInfo(),
  }
  try {
    return await post<GetUpdatesResp>(
      baseUrl,
      '/ilink/bot/getupdates',
      body,
      token,
      40_000,
      signal,
    )
  } catch (error) {
    if (error instanceof Error && error.name === 'AbortError') {
      return { ret: 0, msgs: [], get_updates_buf: getUpdatesBuf }
    }
    throw error
  }
 }
 export async function sendMessage(
  baseUrl: string,
  token: string,
  msg: SendMessageReq['msg'],
 ): Promise<void> {
  const body: SendMessageReq = { msg, base_info: baseInfo() }
  await post(baseUrl, '/ilink/bot/sendmessage', body, token)
 }
 export async function getUploadUrl(
  baseUrl: string,
  token: string,
  params: Omit<GetUploadUrlReq, 'base_info'>,
 ): Promise<GetUploadUrlResp> {
  return post<GetUploadUrlResp>(
    baseUrl,
    '/ilink/bot/getuploadurl',
    { ...params, base_info: baseInfo() },
    token,
  )
 }
 export async function getConfig(
  baseUrl: string,
  token: string,
  userId: string,
  contextToken?: string,
 ): Promise<GetConfigResp> {
  return post<GetConfigResp>(
    baseUrl,
    '/ilink/bot/getconfig',
    {
      ilink_user_id: userId,
      context_token: contextToken,
      base_info: baseInfo(),
    },
    token,
  )
 }
 export async function sendTyping(
  baseUrl: string,
  token: string,
  req: Omit<SendTypingReq, 'base_info'>,
 ): Promise<SendTypingResp> {
  return post<SendTypingResp>(
    baseUrl,
    '/ilink/bot/sendtyping',
    { ...req, base_info: baseInfo() },
    token,
  )
 }
--- a/src/services/weixin/cli.ts
+++ b/src/services/weixin/cli.ts
@@ -0,0 +1,110 @@
 import { clearAccount, DEFAULT_BASE_URL, loadAccount, saveAccount } from './accounts.js'
 import { startLogin, waitForLogin } from './login.js'
 import { confirmPairing } from './pairing.js'
 import { runWeixinMcpServer } from './server.js'
 function printUsage(): void {
  process.stdout.write(
    [
      'Usage:',
      '  ccb weixin serve',
      '  ccb weixin login',
      '  ccb weixin login clear',
      '  ccb weixin access pair <code>',
      '',
      'Session enablement:',
      '  ccb --channels plugin:weixin@builtin',
    ].join('\n') + '\n',
  )
 }
 async function runLogin(clear = false): Promise<void> {
  if (clear) {
    clearAccount()
    process.stdout.write('WeChat account cleared.\n')
    return
  }
  const existing = loadAccount()
  if (existing) {
    process.stdout.write(
      [
        'Already connected:',
        `  User ID: ${existing.userId || 'unknown'}`,
        `  Connected since: ${existing.savedAt}`,
        '',
        'Run `ccb weixin login clear` to disconnect.',
        'Restart Claude Code with:',
        '  ccb --channels plugin:weixin@builtin',
      ].join('\n') + '\n',
    )
    return
  }
  process.stdout.write('Starting WeChat QR login...\n\n')
  const qr = await startLogin(DEFAULT_BASE_URL)
  process.stdout.write(
    `\nScan the QR code above with WeChat, or open this URL:\n${qr.qrcodeUrl || ''}\n\n`,
  )
  const result = await waitForLogin({
    qrcodeId: qr.qrcodeId,
    apiBaseUrl: DEFAULT_BASE_URL,
  })
  if (!result.connected || !result.token) {
    process.stderr.write(`Login failed: ${result.message}\n`)
    process.exit(1)
  }
  saveAccount({
    token: result.token,
    baseUrl: result.baseUrl || DEFAULT_BASE_URL,
    userId: result.userId,
    savedAt: new Date().toISOString(),
  })
  process.stdout.write(
    [
      'Connected successfully!',
      `  User ID: ${result.userId || 'unknown'}`,
      `  Base URL: ${result.baseUrl || DEFAULT_BASE_URL}`,
      '',
      'Restart Claude Code with:',
      '  ccb --channels plugin:weixin@builtin',
    ].join('\n') + '\n',
  )
 }
 function runAccess(args: string[]): void {
  if (args[0] !== 'pair' || !args[1]) {
    printUsage()
    process.exit(1)
  }
  const userId = confirmPairing(args[1])
  if (!userId) {
    process.stderr.write('Invalid or expired pairing code.\n')
    process.exit(1)
  }
  process.stdout.write(`Paired successfully: ${userId}\n`)
 }
 export async function handleWeixinCli(args: string[]): Promise<void> {
  const [subcommand, ...rest] = args
  switch (subcommand) {
    case 'serve':
      await runWeixinMcpServer()
      return
    case 'login':
      await runLogin(rest[0] === 'clear')
      return
    case 'access':
      runAccess(rest)
      return
    default:
      printUsage()
  }
 }
--- a/src/services/weixin/login.ts
+++ b/src/services/weixin/login.ts
@@ -0,0 +1,127 @@
 import qrcode from 'qrcode-terminal'
 export interface QRCodeResult {
  qrcodeUrl?: string
  qrcodeId: string
  message: string
 }
 export interface LoginResult {
  connected: boolean
  token?: string
  accountId?: string
  baseUrl?: string
  userId?: string
  message: string
 }
 export async function startLogin(apiBaseUrl: string): Promise<QRCodeResult> {
  const response = await fetch(`${apiBaseUrl}/ilink/bot/get_bot_qrcode?bot_type=3`)
  if (!response.ok) {
    throw new Error(`Failed to get QR code: HTTP ${response.status}`)
  }
  const data = (await response.json()) as {
    qrcode?: string
    qrcode_img_content?: string
  }
  if (!data.qrcode) {
    throw new Error('No qrcode in response')
  }
  const qrcodeUrl = data.qrcode_img_content || ''
  if (qrcodeUrl) {
    qrcode.generate(qrcodeUrl, { small: true }, output => {
      process.stderr.write(`${output}\n`)
    })
  }
  return {
    qrcodeUrl,
    qrcodeId: data.qrcode,
    message: 'Scan the QR code with WeChat to connect.',
  }
 }
 export async function waitForLogin(params: {
  qrcodeId: string
  apiBaseUrl: string
  timeoutMs?: number
  maxRetries?: number
 }): Promise<LoginResult> {
  const { qrcodeId, apiBaseUrl, timeoutMs = 480_000, maxRetries = 3 } = params
  const deadline = Date.now() + timeoutMs
  let currentQrcodeId = qrcodeId
  let retryCount = 0
  while (Date.now() < deadline) {
    try {
      const controller = new AbortController()
      const timeout = setTimeout(() => controller.abort(), 60_000)
      const response = await fetch(
        `${apiBaseUrl}/ilink/bot/get_qrcode_status?qrcode=${encodeURIComponent(currentQrcodeId)}`,
        {
          headers: { 'iLink-App-ClientVersion': '1' },
          signal: controller.signal,
        },
      )
      clearTimeout(timeout)
      if (!response.ok) {
        throw new Error(`HTTP ${response.status}`)
      }
      const data = (await response.json()) as {
        status?: string
        bot_token?: string
        ilink_bot_id?: string
        baseurl?: string
        ilink_user_id?: string
      }
      switch (data.status) {
        case 'confirmed':
          return {
            connected: true,
            token: data.bot_token,
            accountId: data.ilink_bot_id,
            baseUrl: data.baseurl,
            userId: data.ilink_user_id,
            message: 'Connected to WeChat successfully!',
          }
        case 'scaned':
          process.stderr.write(
            'QR code scanned, waiting for confirmation...\n',
          )
          break
        case 'expired': {
          retryCount += 1
          if (retryCount >= maxRetries) {
            return {
              connected: false,
              message: 'QR code expired after maximum retries.',
            }
          }
          process.stderr.write('QR code expired, refreshing...\n')
          const refreshed = await startLogin(apiBaseUrl)
          currentQrcodeId = refreshed.qrcodeId
          break
        }
        case 'wait':
        default:
          break
      }
    } catch (error) {
      if (error instanceof Error && error.name === 'AbortError') {
        continue
      }
      throw error
    }
    await new Promise(resolve => setTimeout(resolve, 1000))
  }
  return { connected: false, message: 'Login timed out.' }
 }
--- a/src/services/weixin/media.ts
+++ b/src/services/weixin/media.ts
@@ -0,0 +1,163 @@
 import {
  createCipheriv,
  createDecipheriv,
  createHash,
  randomBytes,
 } from 'node:crypto'
 import {
  existsSync,
  mkdirSync,
  readFileSync,
  writeFileSync,
 } from 'node:fs'
 import { tmpdir } from 'node:os'
 import { basename, extname, join } from 'node:path'
 import { getUploadUrl } from './api.js'
 import { UploadMediaType } from './types.js'
 export function encryptAesEcb(plaintext: Buffer, key: Buffer): Buffer {
  const cipher = createCipheriv('aes-128-ecb', key, null)
  return Buffer.concat([cipher.update(plaintext), cipher.final()])
 }
 export function decryptAesEcb(ciphertext: Buffer, key: Buffer): Buffer {
  const decipher = createDecipheriv('aes-128-ecb', key, null)
  return Buffer.concat([decipher.update(ciphertext), decipher.final()])
 }
 export function aesEcbPaddedSize(size: number): number {
  return size + (16 - (size % 16))
 }
 export function buildCdnDownloadUrl(
  encryptedQueryParam: string,
  cdnBaseUrl: string,
 ): string {
  return `${cdnBaseUrl}/download?encrypted_query_param=${encodeURIComponent(encryptedQueryParam)}`
 }
 export function buildCdnUploadUrl(
  cdnBaseUrl: string,
  uploadParam: string,
  filekey: string,
 ): string {
  return `${cdnBaseUrl}/upload?encrypted_query_param=${encodeURIComponent(uploadParam)}&filekey=${encodeURIComponent(filekey)}`
 }
 export function parseAesKey(aesKeyBase64: string): Buffer {
  const decoded = Buffer.from(aesKeyBase64, 'base64')
  if (decoded.length === 16) {
    return decoded
  }
  if (decoded.length === 32 && /^[0-9a-fA-F]{32}$/.test(decoded.toString('ascii'))) {
    return Buffer.from(decoded.toString('ascii'), 'hex')
  }
  throw new Error(
    `Invalid aes_key: expected 16 raw bytes or 32 hex chars, got ${decoded.length} bytes`,
  )
 }
 export async function downloadAndDecrypt(params: {
  encryptQueryParam: string
  aesKey: string
  cdnBaseUrl: string
 }): Promise<Buffer> {
  const url = buildCdnDownloadUrl(params.encryptQueryParam, params.cdnBaseUrl)
  const response = await fetch(url)
  if (!response.ok) {
    throw new Error(`CDN download failed: HTTP ${response.status}`)
  }
  const ciphertext = Buffer.from(await response.arrayBuffer())
  return decryptAesEcb(ciphertext, parseAesKey(params.aesKey))
 }
 export interface UploadedFileInfo {
  encryptQueryParam: string
  aesKey: string
  fileSize: number
  rawSize: number
  fileName: string
 }
 export async function uploadFile(params: {
  filePath: string
  toUserId: string
  mediaType: number
  apiBaseUrl: string
  token: string
  cdnBaseUrl: string
 }): Promise<UploadedFileInfo> {
  const plaintext = readFileSync(params.filePath)
  const rawSize = plaintext.length
  const rawMd5 = createHash('md5').update(plaintext).digest('hex')
  const aesKey = randomBytes(16)
  const filekey = randomBytes(16).toString('hex')
  const ciphertext = encryptAesEcb(plaintext, aesKey)
  const fileSize = ciphertext.length
  const uploadResp = await getUploadUrl(params.apiBaseUrl, params.token, {
    filekey,
    media_type: params.mediaType,
    to_user_id: params.toUserId,
    rawsize: rawSize,
    rawfilemd5: rawMd5,
    filesize: fileSize,
    no_need_thumb: true,
    aeskey: aesKey.toString('hex'),
  })
  if (!uploadResp.upload_param) {
    throw new Error('No upload_param in response')
  }
  const uploadUrl = buildCdnUploadUrl(
    params.cdnBaseUrl,
    uploadResp.upload_param,
    filekey,
  )
  const uploadResult = await fetch(uploadUrl, {
    method: 'POST',
    headers: { 'Content-Type': 'application/octet-stream' },
    body: new Uint8Array(ciphertext),
  })
  if (!uploadResult.ok) {
    throw new Error(`CDN upload failed: HTTP ${uploadResult.status}`)
  }
  return {
    encryptQueryParam: uploadResult.headers.get('x-encrypted-param') || '',
    aesKey: Buffer.from(aesKey.toString('hex')).toString('base64'),
    fileSize,
    rawSize,
    fileName: basename(params.filePath),
  }
 }
 export function guessMediaType(filePath: string): number {
  const ext = extname(filePath).toLowerCase()
  const imageExts = ['.jpg', '.jpeg', '.png', '.gif', '.bmp', '.webp', '.heic']
  const videoExts = ['.mp4', '.mov', '.avi', '.mkv', '.webm']
  if (imageExts.includes(ext)) return UploadMediaType.IMAGE
  if (videoExts.includes(ext)) return UploadMediaType.VIDEO
  return UploadMediaType.FILE
 }
 export async function downloadRemoteToTemp(
  url: string,
  destDir?: string,
 ): Promise<string> {
  const dir = destDir || join(tmpdir(), 'weixin-downloads')
  if (!existsSync(dir)) mkdirSync(dir, { recursive: true })
  const response = await fetch(url)
  if (!response.ok) throw new Error(`Download failed: HTTP ${response.status}`)
  const buffer = Buffer.from(await response.arrayBuffer())
  const urlPath = new URL(url).pathname
  const name = basename(urlPath) || `file_${Date.now()}`
  const dest = join(dir, name)
  writeFileSync(dest, buffer)
  return dest
 }
--- a/src/services/weixin/monitor.ts
+++ b/src/services/weixin/monitor.ts
@@ -0,0 +1,302 @@
 import {
  existsSync,
  mkdirSync,
  readFileSync,
  writeFileSync,
 } from 'node:fs'
 import { tmpdir } from 'node:os'
 import { basename, join } from 'node:path'
 import { PERMISSION_REPLY_RE } from '../mcp/channelPermissions.js'
 import { getUpdates } from './api.js'
 import { getStateDir } from './accounts.js'
 import { downloadAndDecrypt } from './media.js'
 import { addPendingPairing, isAllowed } from './pairing.js'
 import { consumePendingPermission, setActivePermissionChat } from './permissions.js'
 import { sendText } from './send.js'
 import { MessageItemType, MessageType, type MessageItem, type WeixinMessage } from './types.js'
 const contextTokens = new Map<string, string>()
 export function getContextToken(userId: string): string | undefined {
  return contextTokens.get(userId)
 }
 function cursorPath(): string {
  return join(getStateDir(), 'cursor.txt')
 }
 function loadCursor(): string {
  const path = cursorPath()
  if (existsSync(path)) return readFileSync(path, 'utf-8').trim()
  return ''
 }
 function saveCursor(cursor: string): void {
  writeFileSync(cursorPath(), cursor, 'utf-8')
 }
 async function downloadMedia(
  item: MessageItem,
  cdnBaseUrl: string,
 ): Promise<{ path: string; type: string } | null> {
  let encryptQueryParam: string | undefined
  let aesKey: string | undefined
  let ext = ''
  let mediaType = ''
  switch (item.type) {
    case MessageItemType.IMAGE:
      encryptQueryParam = item.image_item?.media?.encrypt_query_param
      aesKey = item.image_item?.aeskey
        ? Buffer.from(item.image_item.aeskey, 'hex').toString('base64')
        : item.image_item?.media?.aes_key
      ext = '.jpg'
      mediaType = 'image'
      break
    case MessageItemType.VOICE:
      encryptQueryParam = item.voice_item?.media?.encrypt_query_param
      aesKey = item.voice_item?.media?.aes_key
      ext = '.silk'
      mediaType = 'voice'
      break
    case MessageItemType.FILE:
      encryptQueryParam = item.file_item?.media?.encrypt_query_param
      aesKey = item.file_item?.media?.aes_key
      ext = item.file_item?.file_name
        ? `.${item.file_item.file_name.split('.').pop()}`
        : ''
      mediaType = 'file'
      break
    case MessageItemType.VIDEO:
      encryptQueryParam = item.video_item?.media?.encrypt_query_param
      aesKey = item.video_item?.media?.aes_key
      ext = '.mp4'
      mediaType = 'video'
      break
    default:
      return null
  }
  if (!encryptQueryParam || !aesKey) return null
  try {
    const data = await downloadAndDecrypt({
      encryptQueryParam,
      aesKey,
      cdnBaseUrl,
    })
    const dir = join(tmpdir(), 'weixin-media')
    if (!existsSync(dir)) mkdirSync(dir, { recursive: true })
    const rawFileName = item.file_item?.file_name || `${Date.now()}${ext}`
    const fileName = basename(rawFileName)
    const filePath = join(dir, fileName)
    writeFileSync(filePath, data)
    return { path: filePath, type: mediaType }
  } catch (error) {
    process.stderr.write(`[weixin] Failed to download media: ${error}\n`)
    return null
  }
 }
 export interface ParsedMessage {
  fromUserId: string
  messageId: string
  text: string
  attachmentPath?: string
  attachmentType?: string
 }
 export type OnMessageCallback = (msg: ParsedMessage) => Promise<void>
 export type PermissionResponse = {
  requestId: string
  behavior: 'allow' | 'deny'
  fromUserId: string
 }
 export type OnPermissionResponseCallback = (
  response: PermissionResponse,
 ) => Promise<void>
 export function extractPermissionReply(
  text: string,
 ): { requestId: string; behavior: 'allow' | 'deny' } | null {
  const match = text.match(PERMISSION_REPLY_RE)
  if (!match) return null
  const behavior =
    match[1]?.toLowerCase().startsWith('y') ? 'allow' : 'deny'
  const requestId = match[2]?.toLowerCase()
  if (!requestId) return null
  return { requestId, behavior }
 }
 export async function startPollLoop(params: {
  baseUrl: string
  cdnBaseUrl: string
  token: string
  onMessage: OnMessageCallback
  onPermissionResponse?: OnPermissionResponseCallback
  abortSignal: AbortSignal
 }): Promise<void> {
  const {
    baseUrl,
    cdnBaseUrl,
    token,
    onMessage,
    onPermissionResponse,
    abortSignal,
  } = params
  let cursor = loadCursor()
  let consecutiveErrors = 0
  process.stderr.write('[weixin] Starting message poll loop...\n')
  while (!abortSignal.aborted) {
    try {
      const response = await getUpdates(baseUrl, token, cursor, abortSignal)
      if (response.errcode === -14) {
        process.stderr.write(
          '[weixin] Session expired (errcode -14). Pausing for 30s...\n',
        )
        await new Promise(resolve => setTimeout(resolve, 30_000))
        continue
      }
      if (response.ret !== 0 && response.ret !== undefined) {
        throw new Error(
          `getUpdates error: ret=${response.ret} errcode=${response.errcode} ${response.errmsg}`,
        )
      }
      consecutiveErrors = 0
      if (response.get_updates_buf) {
        cursor = response.get_updates_buf
        saveCursor(cursor)
      }
      if (response.msgs && response.msgs.length > 0) {
        for (const msg of response.msgs) {
          await processMessage(msg, {
            baseUrl,
            cdnBaseUrl,
            token,
            onMessage,
            onPermissionResponse,
          })
        }
      }
    } catch (error) {
      if (abortSignal.aborted) break
      consecutiveErrors += 1
      process.stderr.write(
        `[weixin] Poll error (${consecutiveErrors}): ${error instanceof Error ? error.message : String(error)}\n`,
      )
      if (consecutiveErrors >= 3) {
        process.stderr.write(
          '[weixin] Too many consecutive errors, backing off 30s...\n',
        )
        await new Promise(resolve => setTimeout(resolve, 30_000))
        consecutiveErrors = 0
      } else {
        await new Promise(resolve => setTimeout(resolve, 2000))
      }
    }
  }
  process.stderr.write('[weixin] Poll loop stopped.\n')
 }
 async function processMessage(
  msg: WeixinMessage,
  ctx: {
    baseUrl: string
    cdnBaseUrl: string
    token: string
    onMessage: OnMessageCallback
    onPermissionResponse?: OnPermissionResponseCallback
  },
 ): Promise<void> {
  if (msg.message_type !== MessageType.USER) return
  const fromUserId = msg.from_user_id
  if (!fromUserId) return
  if (msg.context_token) {
    contextTokens.set(fromUserId, msg.context_token)
  }
  if (!isAllowed(fromUserId)) {
    const code = addPendingPairing(fromUserId)
    try {
      await sendText({
        to: fromUserId,
        text: `Your pairing code is: ${code}\n\nAsk the operator to confirm:\nccb weixin access pair ${code}`,
        baseUrl: ctx.baseUrl,
        token: ctx.token,
        contextToken: msg.context_token || '',
      })
    } catch (error) {
      process.stderr.write(`[weixin] Failed to send pairing code: ${error}\n`)
    }
    return
  }
  setActivePermissionChat(fromUserId, msg.context_token)
  let textContent = ''
  let mediaPath: string | undefined
  let mediaType: string | undefined
  if (msg.item_list) {
    for (const item of msg.item_list) {
      if (item.type === MessageItemType.TEXT && item.text_item?.text) {
        textContent += `${textContent ? '\n' : ''}${item.text_item.text}`
      } else if (
        item.type === MessageItemType.IMAGE ||
        item.type === MessageItemType.VOICE ||
        item.type === MessageItemType.FILE ||
        item.type === MessageItemType.VIDEO
      ) {
        const downloaded = await downloadMedia(item, ctx.cdnBaseUrl)
        if (downloaded) {
          mediaPath = downloaded.path
          mediaType = downloaded.type
        }
        if (item.type === MessageItemType.VOICE && item.voice_item?.text) {
          textContent += `${textContent ? '\n' : ''}[Voice transcription]: ${item.voice_item.text}`
        }
      }
    }
  }
  if (!textContent && !mediaPath) return
  if (textContent && ctx.onPermissionResponse) {
    const permissionReply = extractPermissionReply(textContent)
    if (permissionReply) {
      const pending = consumePendingPermission(
        permissionReply.requestId,
        fromUserId,
      )
      if (pending) {
        await ctx.onPermissionResponse({
          requestId: pending.request_id,
          behavior: permissionReply.behavior,
          fromUserId,
        })
        return
      }
    }
  }
  await ctx.onMessage({
    fromUserId,
    messageId: String(msg.message_id || ''),
    text: textContent || '(media attachment)',
    attachmentPath: mediaPath,
    attachmentType: mediaType,
  })
 }
--- a/src/services/weixin/pairing.ts
+++ b/src/services/weixin/pairing.ts
@@ -0,0 +1,101 @@
 import { existsSync, readFileSync, writeFileSync } from 'node:fs'
 import { join } from 'node:path'
 import { getStateDir } from './accounts.js'
 export interface AccessConfig {
  policy: 'pairing' | 'allowlist' | 'disabled'
  allowFrom: string[]
 }
 interface PendingEntry {
  userId: string
  expiresAt: number
 }
 function configPath(): string {
  return join(getStateDir(), 'access.json')
 }
 function pendingPath(): string {
  return join(getStateDir(), 'pending-pairings.json')
 }
 function loadPending(): Record<string, PendingEntry> {
  const path = pendingPath()
  if (!existsSync(path)) return {}
  try {
    return JSON.parse(readFileSync(path, 'utf-8')) as Record<string, PendingEntry>
  } catch {
    return {}
  }
 }
 function savePending(data: Record<string, PendingEntry>): void {
  writeFileSync(pendingPath(), JSON.stringify(data, null, 2), 'utf-8')
 }
 export function loadAccessConfig(): AccessConfig {
  const path = configPath()
  if (!existsSync(path)) {
    return { policy: 'pairing', allowFrom: [] }
  }
  try {
    return JSON.parse(readFileSync(path, 'utf-8')) as AccessConfig
  } catch {
    return { policy: 'pairing', allowFrom: [] }
  }
 }
 export function saveAccessConfig(config: AccessConfig): void {
  writeFileSync(configPath(), JSON.stringify(config, null, 2), 'utf-8')
 }
 export function isAllowed(userId: string): boolean {
  const config = loadAccessConfig()
  if (config.policy === 'disabled') return true
  return config.allowFrom.includes(userId)
 }
 export function addPendingPairing(userId: string): string {
  const pending = loadPending()
  const now = Date.now()
  for (const code of Object.keys(pending)) {
    if (pending[code]!.expiresAt < now) {
      delete pending[code]
    }
  }
  for (const [code, entry] of Object.entries(pending)) {
    if (entry.userId === userId) {
      savePending(pending)
      return code
    }
  }
  const code = String(Math.floor(100000 + Math.random() * 900000))
  pending[code] = { userId, expiresAt: now + 10 * 60 * 1000 }
  savePending(pending)
  return code
 }
 export function confirmPairing(code: string): string | null {
  const pending = loadPending()
  const entry = pending[code]
  if (!entry || entry.expiresAt < Date.now()) {
    delete pending[code]
    savePending(pending)
    return null
  }
  delete pending[code]
  savePending(pending)
  const config = loadAccessConfig()
  if (!config.allowFrom.includes(entry.userId)) {
    config.allowFrom.push(entry.userId)
    saveAccessConfig(config)
  }
  return entry.userId
 }
--- a/src/services/weixin/permissions.ts
+++ b/src/services/weixin/permissions.ts
@@ -0,0 +1,73 @@
 import type { ChannelPermissionRequestParams } from '../mcp/channelNotification.js'
 export type PendingPermissionRequest = ChannelPermissionRequestParams & {
  chatId: string
  contextToken?: string
  createdAt: number
  expiresAt: number
 }
 export type ActivePermissionChat = {
  chatId: string
  contextToken?: string
  updatedAt: number
 }
 const PENDING_PERMISSION_TTL_MS = 15 * 60 * 1000
 const pendingPermissions = new Map<string, PendingPermissionRequest>()
 let activePermissionChat: ActivePermissionChat | null = null
 function pruneExpiredPendingPermissions(now = Date.now()): void {
  for (const [requestId, entry] of pendingPermissions.entries()) {
    if (entry.expiresAt <= now) {
      pendingPermissions.delete(requestId)
    }
  }
 }
 export function setActivePermissionChat(
  chatId: string,
  contextToken?: string,
 ): void {
  activePermissionChat = { chatId, contextToken, updatedAt: Date.now() }
 }
 export function getActivePermissionChat(): ActivePermissionChat | null {
  return activePermissionChat
 }
 export function savePendingPermission(
  request: ChannelPermissionRequestParams,
  chatId: string,
  contextToken?: string,
 ): PendingPermissionRequest {
  pruneExpiredPendingPermissions()
  const entry: PendingPermissionRequest = {
    ...request,
    chatId,
    contextToken,
    createdAt: Date.now(),
    expiresAt: Date.now() + PENDING_PERMISSION_TTL_MS,
  }
  pendingPermissions.set(request.request_id.toLowerCase(), entry)
  return entry
 }
 export function consumePendingPermission(
  requestId: string,
  fromUserId: string,
 ): PendingPermissionRequest | null {
  pruneExpiredPendingPermissions()
  const key = requestId.toLowerCase()
  const entry = pendingPermissions.get(key)
  if (!entry) return null
  if (entry.chatId !== fromUserId) return null
  pendingPermissions.delete(key)
  return entry
 }
 export function clearPermissionStateForTests(): void {
  pendingPermissions.clear()
  activePermissionChat = null
 }
--- a/src/services/weixin/send.ts
+++ b/src/services/weixin/send.ts
@@ -0,0 +1,144 @@
 import { randomUUID } from 'node:crypto'
 import type { CDNMedia, MessageItem } from './types.js'
 import { sendMessage } from './api.js'
 import { guessMediaType, uploadFile } from './media.js'
 import { MessageItemType, MessageState, MessageType } from './types.js'
 export function markdownToPlainText(text: string): string {
  return text
    .replace(/```[\s\S]*?\n([\s\S]*?)```/g, '$1')
    .replace(/`([^`]+)`/g, '$1')
    .replace(/\*\*\*(.+?)\*\*\*/g, '$1')
    .replace(/\*\*(.+?)\*\*/g, '$1')
    .replace(/\*(.+?)\*/g, '$1')
    .replace(/___(.+?)___/g, '$1')
    .replace(/__(.+?)__/g, '$1')
    .replace(/_(.+?)_/g, '$1')
    .replace(/~~(.+?)~~/g, '$1')
    .replace(/^#{1,6}\s+/gm, '')
    .replace(/\[([^\]]+)\]\(([^)]+)\)/g, '$1 ($2)')
    .replace(/!\[([^\]]*)\]\([^)]+\)/g, '[$1]')
    .replace(/^>\s+/gm, '')
    .replace(/^[-*_]{3,}$/gm, '---')
    .replace(/^[\s]*[-*+]\s+/gm, '- ')
    .replace(/^[\s]*(\d+)\.\s+/gm, '$1. ')
    .replace(/\n{3,}/g, '\n\n')
    .trim()
 }
 export async function sendText(params: {
  to: string
  text: string
  baseUrl: string
  token: string
  contextToken: string
 }): Promise<{ messageId: string }> {
  const clientId = randomUUID()
  await sendMessage(params.baseUrl, params.token, {
    to_user_id: params.to,
    from_user_id: '',
    client_id: clientId,
    message_type: MessageType.BOT,
    message_state: MessageState.FINISH,
    context_token: params.contextToken,
    item_list: [
      {
        type: MessageItemType.TEXT,
        text_item: { text: markdownToPlainText(params.text) },
      },
    ],
  })
  return { messageId: clientId }
 }
 async function sendItems(params: {
  items: MessageItem[]
  to: string
  baseUrl: string
  token: string
  contextToken: string
 }): Promise<string> {
  let lastClientId = ''
  for (const item of params.items) {
    lastClientId = randomUUID()
    await sendMessage(params.baseUrl, params.token, {
      to_user_id: params.to,
      from_user_id: '',
      client_id: lastClientId,
      message_type: MessageType.BOT,
      message_state: MessageState.FINISH,
      context_token: params.contextToken,
      item_list: [item],
    })
  }
  return lastClientId
 }
 export async function sendMediaFile(params: {
  filePath: string
  to: string
  text: string
  baseUrl: string
  token: string
  contextToken: string
  cdnBaseUrl: string
 }): Promise<{ messageId: string }> {
  const mediaType = guessMediaType(params.filePath)
  const uploaded = await uploadFile({
    filePath: params.filePath,
    toUserId: params.to,
    mediaType,
    apiBaseUrl: params.baseUrl,
    token: params.token,
    cdnBaseUrl: params.cdnBaseUrl,
  })
  const cdnMedia: CDNMedia = {
    encrypt_query_param: uploaded.encryptQueryParam,
    aes_key: uploaded.aesKey,
    encrypt_type: 1,
  }
  const items: MessageItem[] = []
  if (params.text) {
    items.push({
      type: MessageItemType.TEXT,
      text_item: { text: markdownToPlainText(params.text) },
    })
  }
  switch (mediaType) {
    case 1:
      items.push({
        type: MessageItemType.IMAGE,
        image_item: { media: cdnMedia, mid_size: uploaded.fileSize },
      })
      break
    case 2:
      items.push({
        type: MessageItemType.VIDEO,
        video_item: { media: cdnMedia, video_size: uploaded.fileSize },
      })
      break
    default:
      items.push({
        type: MessageItemType.FILE,
        file_item: {
          media: cdnMedia,
          file_name: uploaded.fileName,
          len: String(uploaded.rawSize),
        },
      })
      break
  }
  const messageId = await sendItems({
    items,
    to: params.to,
    baseUrl: params.baseUrl,
    token: params.token,
    contextToken: params.contextToken,
  })
  return { messageId }
 }
--- a/src/services/weixin/server.ts
+++ b/src/services/weixin/server.ts
@@ -0,0 +1,341 @@
 import { existsSync } from 'node:fs'
 import { Server } from '@modelcontextprotocol/sdk/server/index.js'
 import { StdioServerTransport } from '@modelcontextprotocol/sdk/server/stdio.js'
 import {
  CallToolRequestSchema,
  ListToolsRequestSchema,
 } from '@modelcontextprotocol/sdk/types.js'
 import {
  ChannelPermissionRequestNotificationSchema,
  type ChannelPermissionRequestParams,
 } from '../mcp/channelNotification.js'
 import { initializeAnalyticsSink } from '../analytics/sink.js'
 import { shutdownDatadog } from '../analytics/datadog.js'
 import { shutdown1PEventLogging } from '../analytics/firstPartyEventLogger.js'
 import { enableConfigs } from '../../utils/config.js'
 import { logForDebugging } from '../../utils/debug.js'
 import { CDN_BASE_URL, DEFAULT_BASE_URL, loadAccount } from './accounts.js'
 import { getConfig, sendTyping } from './api.js'
 import { getContextToken, startPollLoop, type ParsedMessage } from './monitor.js'
 import { getActivePermissionChat, savePendingPermission } from './permissions.js'
 import { sendMediaFile, sendText } from './send.js'
 import { TypingStatus } from './types.js'
 function formatPermissionRequestMessage(
  request: ChannelPermissionRequestParams,
 ): string {
  return [
    'Claude Code needs your approval.',
    '',
    `Tool: ${request.tool_name}`,
    `Reason: ${request.description}`,
    `Input: ${request.input_preview}`,
    '',
    `Reply with: yes ${request.request_id}`,
    `Or deny with: no ${request.request_id}`,
  ].join('\n')
 }
 export function createWeixinMcpServer(): Server {
  const server = new Server(
    { name: 'weixin', version: MACRO.VERSION },
    {
      capabilities: {
        experimental: {
          'claude/channel': {},
          'claude/channel/permission': {},
        },
        tools: {},
      },
      instructions:
        'Messages from WeChat arrive as <channel source="plugin:weixin:weixin" chat_id="..." sender_id="...">. Reply using the reply tool with the chat_id from the channel tag. Use absolute paths for file attachments.',
    },
  )
  server.setRequestHandler(ListToolsRequestSchema, async () => ({
    tools: [
      {
        name: 'reply',
        description:
          'Reply to a WeChat message. Pass the chat_id from the channel tag.',
        inputSchema: {
          type: 'object' as const,
          properties: {
            chat_id: {
              type: 'string',
              description: 'The chat_id from the channel notification',
            },
            text: { type: 'string', description: 'The reply text' },
            files: {
              type: 'array',
              items: { type: 'string' },
              description: 'Optional absolute file paths to attach',
            },
          },
          required: ['chat_id', 'text'],
        },
      },
      {
        name: 'send_typing',
        description: 'Send a typing indicator to a WeChat user.',
        inputSchema: {
          type: 'object' as const,
          properties: {
            chat_id: { type: 'string', description: 'The chat_id (user ID)' },
          },
          required: ['chat_id'],
        },
      },
    ],
  }))
  server.setRequestHandler(CallToolRequestSchema, async request => {
    const { name, arguments: args } = request.params
    const account = loadAccount()
    if (!account) {
      return {
        content: [
          {
            type: 'text',
            text: 'WeChat not connected. Run `ccb weixin login` first.',
          },
        ],
        isError: true,
      }
    }
    const baseUrl = account.baseUrl || DEFAULT_BASE_URL
    const cdnBaseUrl = CDN_BASE_URL
    switch (name) {
      case 'reply': {
        const chatId = typeof args?.chat_id === 'string' ? args.chat_id : ''
        const text = typeof args?.text === 'string' ? args.text : ''
        const files = Array.isArray(args?.files)
          ? args.files.filter((value): value is string => typeof value === 'string')
          : undefined
        if (!chatId || !text) {
          return {
            content: [
              { type: 'text', text: 'Missing chat_id or text parameter.' },
            ],
            isError: true,
          }
        }
        const contextToken = getContextToken(chatId) || ''
        try {
          if (files && files.length > 0) {
            for (const [index, filePath] of files.entries()) {
              if (!existsSync(filePath)) {
                return {
                  content: [
                    { type: 'text', text: `File not found: ${filePath}` },
                  ],
                  isError: true,
                }
              }
              await sendMediaFile({
                filePath,
                to: chatId,
                text: index === 0 ? text : '',
                baseUrl,
                token: account.token,
                contextToken,
                cdnBaseUrl,
              })
            }
            return {
              content: [{ type: 'text', text: 'Message sent with attachments.' }],
            }
          }
          await sendText({
            to: chatId,
            text,
            baseUrl,
            token: account.token,
            contextToken,
          })
          return { content: [{ type: 'text', text: 'Message sent.' }] }
        } catch (error) {
          return {
            content: [{ type: 'text', text: `Failed to send: ${error}` }],
            isError: true,
          }
        }
      }
      case 'send_typing': {
        const chatId = typeof args?.chat_id === 'string' ? args.chat_id : ''
        if (!chatId) {
          return {
            content: [{ type: 'text', text: 'Missing chat_id parameter.' }],
            isError: true,
          }
        }
        try {
          const contextToken = getContextToken(chatId)
          const config = await getConfig(
            baseUrl,
            account.token,
            chatId,
            contextToken,
          )
          if (config.typing_ticket) {
            await sendTyping(baseUrl, account.token, {
              ilink_user_id: chatId,
              typing_ticket: config.typing_ticket,
              status: TypingStatus.TYPING,
            })
          }
          return {
            content: [{ type: 'text', text: 'Typing indicator sent.' }],
          }
        } catch (error) {
          return {
            content: [{ type: 'text', text: `Failed to send typing: ${error}` }],
            isError: true,
          }
        }
      }
      default:
        return {
          content: [{ type: 'text', text: `Unknown tool: ${name}` }],
          isError: true,
        }
    }
  })
  return server
 }
 export async function runWeixinMcpServer(): Promise<void> {
  enableConfigs()
  initializeAnalyticsSink()
  const account = loadAccount()
  if (!account) {
    process.stderr.write(
      '[weixin] No account configured. Run `ccb weixin login` to connect your WeChat account.\n',
    )
    await Promise.all([shutdown1PEventLogging(), shutdownDatadog()])
    process.exit(1)
  }
  const server = createWeixinMcpServer()
  const transport = new StdioServerTransport()
  server.setNotificationHandler(
    ChannelPermissionRequestNotificationSchema(),
    async notification => {
      const request = notification.params
      const targetChatId = request.channel_context?.chat_id
      const targetChat = targetChatId
        ? {
            chatId: targetChatId,
            contextToken: getContextToken(targetChatId),
          }
        : getActivePermissionChat()
      if (!targetChat) {
        logForDebugging(
          `[Weixin MCP] No active chat available for permission request ${request.request_id}`,
        )
        return
      }
      try {
        savePendingPermission(
          request,
          targetChat.chatId,
          targetChat.contextToken,
        )
        await sendText({
          to: targetChat.chatId,
          text: formatPermissionRequestMessage(request),
          baseUrl,
          token: account.token,
          contextToken: targetChat.contextToken || '',
        })
      } catch (error) {
        process.stderr.write(
          `[weixin] Failed to relay permission request ${request.request_id}: ${error}\n`,
        )
      }
    },
  )
  await server.connect(transport)
  const baseUrl = account.baseUrl || DEFAULT_BASE_URL
  const controller = new AbortController()
  let exiting = false
  const shutdownAndExit = async (): Promise<void> => {
    if (exiting) return
    exiting = true
    if (!controller.signal.aborted) {
      controller.abort()
    }
    await Promise.all([shutdown1PEventLogging(), shutdownDatadog()])
    process.exit(0)
  }
  process.stdin.on('end', () => void shutdownAndExit())
  process.stdin.on('error', () => void shutdownAndExit())
  process.on('SIGINT', () => void shutdownAndExit())
  process.on('SIGTERM', () => void shutdownAndExit())
  process.on('SIGHUP', () => void shutdownAndExit())
  const ppid = process.ppid
  const parentCheck = setInterval(() => {
    try {
      process.kill(ppid, 0)
    } catch {
      process.stderr.write('[weixin] Parent process exited, shutting down...\n')
      clearInterval(parentCheck)
      void shutdownAndExit()
    }
  }, 5000)
  logForDebugging('[Weixin MCP] Starting poll loop')
  await startPollLoop({
    baseUrl,
    cdnBaseUrl: CDN_BASE_URL,
    token: account.token,
    onMessage: async (msg: ParsedMessage) => {
      await server.notification({
        method: 'notifications/claude/channel',
        params: {
          content: msg.text,
          meta: {
            chat_id: msg.fromUserId,
            sender_id: msg.fromUserId,
            message_id: msg.messageId,
            ...(msg.attachmentPath && { attachment_path: msg.attachmentPath }),
            ...(msg.attachmentType && { attachment_type: msg.attachmentType }),
          },
        },
      })
    },
    onPermissionResponse: async response => {
      await server.notification({
        method: 'notifications/claude/channel/permission',
        params: {
          request_id: response.requestId,
          behavior: response.behavior,
        },
      })
    },
    abortSignal: controller.signal,
  })
  clearInterval(parentCheck)
  await shutdownAndExit()
 }
--- a/src/services/weixin/types.ts
+++ b/src/services/weixin/types.ts
@@ -0,0 +1,178 @@
 export const MessageType = {
  NONE: 0,
  USER: 1,
  BOT: 2,
 } as const
 export const MessageItemType = {
  NONE: 0,
  TEXT: 1,
  IMAGE: 2,
  VOICE: 3,
  FILE: 4,
  VIDEO: 5,
 } as const
 export const MessageState = {
  NEW: 0,
  GENERATING: 1,
  FINISH: 2,
 } as const
 export const UploadMediaType = {
  IMAGE: 1,
  VIDEO: 2,
  FILE: 3,
  VOICE: 4,
 } as const
 export const TypingStatus = {
  TYPING: 1,
  CANCEL: 2,
 } as const
 export interface BaseInfo {
  channel_version?: string
 }
 export interface CDNMedia {
  encrypt_query_param?: string
  aes_key?: string
  encrypt_type?: number
 }
 export interface TextItem {
  text?: string
 }
 export interface ImageItem {
  media?: CDNMedia
  thumb_media?: CDNMedia
  aeskey?: string
  url?: string
  mid_size?: number
  thumb_size?: number
  thumb_height?: number
  thumb_width?: number
  hd_size?: number
 }
 export interface VoiceItem {
  media?: CDNMedia
  encode_type?: number
  bits_per_sample?: number
  sample_rate?: number
  playtime?: number
  text?: string
 }
 export interface FileItem {
  media?: CDNMedia
  file_name?: string
  md5?: string
  len?: string
 }
 export interface VideoItem {
  media?: CDNMedia
  video_size?: number
  play_length?: number
  video_md5?: string
  thumb_media?: CDNMedia
  thumb_size?: number
  thumb_height?: number
  thumb_width?: number
 }
 export interface RefMessage {
  message_item?: MessageItem
  title?: string
 }
 export interface MessageItem {
  type?: number
  create_time_ms?: number
  update_time_ms?: number
  is_completed?: boolean
  msg_id?: string
  ref_msg?: RefMessage
  text_item?: TextItem
  image_item?: ImageItem
  voice_item?: VoiceItem
  file_item?: FileItem
  video_item?: VideoItem
 }
 export interface WeixinMessage {
  seq?: number
  message_id?: number
  from_user_id?: string
  to_user_id?: string
  client_id?: string
  create_time_ms?: number
  update_time_ms?: number
  delete_time_ms?: number
  session_id?: string
  group_id?: string
  message_type?: number
  message_state?: number
  item_list?: MessageItem[]
  context_token?: string
 }
 export interface GetUpdatesReq {
  get_updates_buf?: string
  base_info?: BaseInfo
 }
 export interface GetUpdatesResp {
  ret?: number
  errcode?: number
  errmsg?: string
  msgs?: WeixinMessage[]
  get_updates_buf?: string
  longpolling_timeout_ms?: number
 }
 export interface SendMessageReq {
  msg?: WeixinMessage
  base_info?: BaseInfo
 }
 export interface GetUploadUrlReq {
  filekey?: string
  media_type?: number
  to_user_id?: string
  rawsize?: number
  rawfilemd5?: string
  filesize?: number
  thumb_rawsize?: number
  thumb_rawfilemd5?: string
  thumb_filesize?: number
  no_need_thumb?: boolean
  aeskey?: string
  base_info?: BaseInfo
 }
 export interface GetUploadUrlResp {
  upload_param?: string
  thumb_upload_param?: string
 }
 export interface GetConfigResp {
  ret?: number
  errmsg?: string
  typing_ticket?: string
 }
 export interface SendTypingReq {
  ilink_user_id?: string
  typing_ticket?: string
  status?: number
  base_info?: BaseInfo
 }
 export interface SendTypingResp {
  ret?: number
  errmsg?: string
 }
--- a/src/types/qrcode-terminal.d.ts
+++ b/src/types/qrcode-terminal.d.ts
@@ -0,0 +1,11 @@
 declare module 'qrcode-terminal' {
  const qrcode: {
    generate(
      text: string,
      options?: { small?: boolean },
      callback?: (output: string) => void,
    ): void
  }
  export default qrcode
 }